<?php
if ( !defined('IN_ADMINCP') || !defined('IN_SEC') ){
	exit('Access Denied.');
}

class admincp_account{

	var $salt = '@#$#@%$(*&^%';
	var $table = 'admincp_member';
	var $table_1 = 'customer';

	public function __construct($salt = ''){
		global $_G;
		$this->salt = $salt ? $salt : $this->salt;
		$this->username = htmlspecialchars($_G['gp_username']);
		$this->authcode = htmlspecialchars($_G['gp_authcode']);
		//区分 销售 合伙人
		$this->remark = htmlspecialchars($_G['gp_remark']);
		$this->password = $this->password($_G['gp_password']);
	}

	public function initCode(){
		$autoauthcode = cookieget('heivr-login-autoauth');
		$code = authcode(base64_decode($autoauthcode), 'DECODE', 'heivr-login-auth');
		if( $code ){
			$authlogin = explode('@', $code);
			$this->username = $authlogin[0];
			$this->password = $authlogin[1];
			return true;
		}
	}

	public function register(){
		global $_G;
		if ( !$_G['gp_username'] ){
			$this->halt('请输入帐号');
		}
		if ( !$_G['gp_password'] ){
			$this->halt('请输入密码');
		}

		if($_G['gp_cusid']){
			$result = $this->customer($_G['gp_cusid']);
			$saleid = $result['adminid'];
		}

		$this->realname = trim($_G['gp_realname']);
		$this->groupid = $_G['gp_groupid'] ? intval($_G['gp_groupid']) : $this->halt('请选择管理职位');
		$this->departmentid = $_G['gp_departmentid'] ? intval($_G['gp_departmentid']) : 0;
		$this->companyid = $_G['gp_companyid'] ? intval($_G['gp_companyid']) : 0;
		$this->groupid = ($this->groupid == 1) ? $this->halt('不能选择系统最高分组') : $this->groupid;
		$this->sale_id = $saleid;
		$this->cus_id = $_G['gp_cusid'];
		$groups = DB::Fetch('admincp_group', array('id' => $this->groupid));

		$this->gender = $_G['gp_gender'] ? 1 : 0;
		$this->mobile = $_G['gp_phone'] ? htmlspecialchars($_G['gp_phone']) : '';

		if ( !$groups ){
			$this->halt('该分组已被删除');
		}

		if ( $this->exists($this->username) ){
			return $this->halt('该帐号已经存在');
		}
		if ( $this->exists($this->mobile, 'mobile') ){
			return $this->halt('该手机号已被使用！');
		}
		return $this->_register();
	}

	private function _register(){
		return DB::Insert($this->table, array(
			'gender' => $this->gender,
			'username' => $this->username,
			'password' => $this->password,
			'realname' => $this->realname,
			'groupid' => $this->groupid,
			'companyid' => $this->companyid,
			'departmentid' => $this->departmentid,
			'mobile' => $this->mobile,
			'sale_id' => $this->sale_id,
			'cus_id' => $this->cus_id,
			'create_time' => SYS_TIME
		));
	}

	public function edit($admin = array()){
		global $_G;
		if ( $admin['id'] ){
			if( $admin['mobile'] ){
				$exists = $this->exists($admin['mobile'], 'mobile');
				if( $exists && $exists['username'] != $admin['username'] ){
					$this->halt('该手机号已被使用！');
				}
			}

			if($_G['gp_cusid']){
				$result = $this->customer($_G['gp_cusid']);
				$saleid = $result['adminid'];
			}

			$this->password = $_G['gp_password'] ? $this->password($_G['gp_password']) : $admin['password'];
			$admin['groupid'] = $_G['gp_groupid'] ? $_G['gp_groupid'] : ($admin['groupid'] ? $admin['groupid'] : 0);
			$admin['companyid'] = $_G['gp_companyid'] ? $_G['gp_companyid'] : ($admin['companyid'] ? $admin['companyid'] : 0);
			$admin['departmentid'] = $_G['gp_departmentid'] ? $_G['gp_departmentid'] : ($admin['departmentid'] ? $admin['departmentid'] : 0);
			$admin['password'] = $this->password;
			$admin['realname'] = trim($_G['gp_realname']);
			$admin['gender'] = trim($_G['gp_gender']) ? 1 : 0;
			$admin['uac'] = trim($_G['gp_uac']) ? 1 : 0;
			$admin['sale_id'] = $saleid;
			$admin['cus_id'] = $_G['gp_cusid'] ? $_G['gp_cusid'] :0;
			return updatecache($this->table, $admin['id'], $admin, 'admincp_login_' . $admin['id']);
		}else{
			return false;
		}
	}

	public function check_password($admin = array(), $password = ''){
		global $_G;
		$admin = $admin ? $admin : array();
		$password = $password ? $password : $_G['gp_confirm_password'];
		if( !$admin || $this->password($password) != $admin['password'] ){
			return false;
		}
		return true;
	}

	public function clearauth(){
		cookieset('heivr-login-autoauth', '', -1);
	}

	public function authlogin($authcode = ''){
		$authcode = authcode($authcode, 'DECODE', 'heivr-login-auth');
		if( $authcode ){
			$this->password = $authcode;
		}
	}

	public function login(){
		if( $this->authcode ){
			$this->authlogin($this->authcode);
		}

		$admin = $this->exists($this->username);
		if ( $admin ){
			if ( $admin['password'] != $this->password ){
				$this->halt('密码错误');
			}		
		}else{
			$this->halt('管理员不存在');
		}
		$autoauthcode = authcode("{$admin['username']}@{$admin['password']}", 'ENCODE', 'heivr-login-auth', 7 * 86400);
		cookieset('heivr-login-autoauth', base64_encode($autoauthcode), $expire);
		$this->_login($admin['id']);
		// $this->_remark($admin['remark']);
		return $admin;
	}

	public function _login($adminid = 0){
		return Session::Set('adminid', $adminid);
	}

	public function logout(){
		$this->clearauth();
		if ( $adminid = Session::Get('adminid', true) ){
			$cache = 'admincp_login_' . $adminid;
			return delcache($cache);
		}else{
			if ( AJAX ){
				jsonp(array(
					'nologin' => 1,
					'data' => render('admin_login_dialog'),
				));
			}
			$this->halt('您未登录');
		}
	}

	public function exists($username = '', $key = 'username'){
		return DB::Fetch($this->table, array($key => $username));	
	}
	public function customer($id='',$key = 'id'){
		return DB::Fetch($this->table_1,array($key => $id));
	}
	public function password($password = ''){
			return md5( $password . $this->salt );			
	}

	private function halt($msg = '', $url = HTTP_REFERER){
		$this->clearauth();
		if ( AJAX ){
			jsonp($msg, 'alert', 1);
		}else{
			Session::Set('error', $msg);
			redirect($url);
		}
	}

}
?>